Shor's algorithm breaks ECDSA, RSA, and secp256k1 completely. Scan your npm dependencies and source code for quantum-vulnerable cryptography in seconds.
Every major Ethereum and Bitcoin npm package relies on ECDSA/secp256k1. None have a post-quantum migration path documented.
Catches vulnerable crypto at the dependency level and in your source code directly.
Maps your package.json against a curated database of 20+ crypto libraries and their underlying algorithms. Instant results, no source required.
Walks your JS/TS source via Babel AST to catch direct node:crypto calls — createSign('RSA-SHA256'), generateKeyPairSync('ec') — that dependency scanning misses.
Exits non-zero on critical findings. Drop npx quantum-audit . into any CI pipeline to gate on quantum exposure automatically.
Critical findings (broken by Shor's algorithm) are weighted heavily. Medium findings (weakened by Grover's) reduce the score proportionally.
Takes 10 seconds. No account required.